5e7b8f81ce66cfe606ea6470b596cb9fdeace6a3469ee06d3dfe049e1e2951d8

Resubmissions

10-04-2024 04:28

240410-e3qvysda77 10

19-12-2023 11:50

231219-nztl4sfhe9 3

Sharing

Copy URL

Twitter E-mail

General

Target

5e7b8f81ce66cfe606ea6470b596cb9fdeace6a3469ee06d3dfe049e1e2951d8
Size

1.8MB
MD5

1cf72e954ed000c16e5cc327e91bdde4
SHA1

39acb9bf780d195cb9308f3f7d48d9a2e0ac6979
SHA256

5e7b8f81ce66cfe606ea6470b596cb9fdeace6a3469ee06d3dfe049e1e2951d8
SHA512

e84a447dc86fb67348cba47d48cee59088a6bbcf7086ffa91920727027e40106892769279fba27ea502e29afde48dddf971ef08418cb7a410dbc7eb2e3961fdd
SSDEEP

24576:7znngr4eig/HxkaoDFITvg9iLXYgIcjGNz5139EOapmIpniJ:7z64gxnoRGI9MXFrjGxNEOapmIpn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e7b8f81ce66cfe606ea6470b596cb9fdeace6a3469ee06d3dfe049e1e2951d8

Files

5e7b8f81ce66cfe606ea6470b596cb9fdeace6a3469ee06d3dfe049e1e2951d8
.dll windows:4 windows x64 arch:x64

4a683d6f78cddf7c7cda44d5a4669025

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

oleaut32

SysStringLen
VariantClear
VariantCopy
SysAllocString
SysAllocStringByteLen
SysFreeString
SysAllocStringLen

user32

CharUpperW
CharPrevExA

advapi32

SystemFunction036

msvcrt

strcat
strcpy
realloc
memset
free
malloc
__CxxFrameHandler
strlen
strchr
strstr
wcscmp
strcmp
memmove
_CxxThrowException
memcpy
memcmp
_purecall
exit
__C_specific_handler
_beginthreadex
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
__dllonexit
_onexit
_initterm

kernel32

InitializeCriticalSection
ReleaseSemaphore
CreateSemaphoreW
ResetEvent
Sleep
CreateEventW
SetThreadAffinityMask
ResumeThread
WaitForSingleObject
SetEvent
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
QueryPerformanceCounter
GetOEMCP
DeleteCriticalSection
LocalFileTimeToFileTime
WaitForMultipleObjects
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
GlobalMemoryStatusEx
GetSystemInfo
GetCurrentProcess
GetProcessAffinityMask
FileTimeToLocalFileTime
FileTimeToSystemTime
CompareFileTime
GetLastError
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
GetProcAddress
GetModuleHandleW
GetCurrentProcessId
GetTickCount
GetCurrentThreadId
GetModuleHandleA

Exports

Exports

lreateDecoder
lreateEncoder
lreateObject
letHandlerProperty
letHandlerProperty2
letHashers
letIsArc
letMethodProperty
letNumberOfFormats
letNumberOfMethods
letCaseSensitive
letCodecs
nail

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 340KB - Virtual size: 339KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

4a683d6f78cddf7c7cda44d5a4669025

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

user32

advapi32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 340KB - Virtual size: 339KB

.data Size: 1KB - Virtual size: 35KB

.pdata Size: 76KB - Virtual size: 75KB

.rsrc Size: 144KB - Virtual size: 140KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 340KB - Virtual size: 339KB

.data
Size: 1KB - Virtual size: 35KB

.pdata
Size: 76KB - Virtual size: 75KB

.rsrc
Size: 144KB - Virtual size: 140KB

.reloc
Size: 13KB - Virtual size: 13KB